* fix: 解决 MCP 工具与内置工具重名时的连坐问题
- 修改 get_func 方法:优先返回已激活的工具
- 修改 get_full_tool_set 方法:使用 add_tool 防止同名冲突
- 修改 add_tool 方法:优先保留已激活的工具
Fixes#5821
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* refactor: address PR review feedback for tool conflict resolution
- Fix inconsistency: get_func now uses reversed() to match ToolSet.add_tool's
"last-active-wins" logic, preventing potential "tool hijacking" issues
- Improve readability: replace double negative condition with clearer logic
- Add compatibility: use getattr with default for tools without 'active' attribute
- Remove unnecessary deepcopy: MCPTool runtime objects should not be deep copied
- Update docstring: accurately describe the actual tool resolution behavior
Addresses review comments from sourcery-ai, gemini-code-assist, and Copilot.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* test: add tests for tool conflict resolution (issue #5821)
Add comprehensive tests for ToolSet.add_tool, get_func, and get_full_tool_set
to verify the conflict resolution behavior when MCP tools share names with
built-in tools.
Test cases:
- ToolSet.add_tool: active/inactive priority, last-one-wins for same state
- get_func: returns last active tool, fallback to last matching tool
- get_full_tool_set: deduplication logic, no deepcopy, MCP overrides disabled builtin
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: 修复工具冲突处理逻辑,确保未激活工具不被错误移除
---------
Co-authored-by: whatevertogo <whatevertogo@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* Add Kimi Code provider
* Add icon mapping for Kimi Code provider
* Clarify Kimi CodingPlan provider labeling
* Refine Kimi Code header handling
* modified docker compose
* fix: correct Kimi Coding Plan label and update API base URL
---------
Co-authored-by: Soulter <905617992@qq.com>
- Dashboard: Catch missing index.html error, log warning, and disable WebUI instead of crashing.
- Dashboard: Use anyio.Path for async file existence checks in SSL config.
- CLI/Backup: Replace blocking file operations with anyio async operations.
- Core: Replace blocking file operations with anyio in Coze/Dify clients and TTS simulation.
- Provider: Rename 'timeout' param to 'init_timeout'/'request_timeout' to fix ASYNC109 warnings.
- Ruff: Fix various ASYNC230/ASYNC240 errors across multiple files.
* fix: only pass dimensions param when explicitly configured
Models like bge-m3 don't support the dimensions parameter in the
embedding API, causing HTTP 400 errors. Previously dimensions was
always sent with a default value of 1024, even when the user never
configured it. Now dimensions is only included in the request when
embedding_dimensions is explicitly set in provider config.
Closes#6421
Signed-off-by: JiangNan <1394485448@qq.com>
* fix: handle invalid dimensions config and align get_dim return
- Add try-except around int() conversion in _embedding_kwargs to
gracefully handle invalid embedding_dimensions config values
- Update get_dim() to return 0 when embedding_dimensions is not
explicitly configured, so callers know dimensions weren't specified
and can handle it accordingly
- Both methods now share consistent logic for reading the config
Signed-off-by: JiangNan <1394485448@qq.com>
* fix: improve logging for invalid embedding_dimensions configuration
---------
Signed-off-by: JiangNan <1394485448@qq.com>
Co-authored-by: Soulter <905617992@qq.com>
Fixes#6283
When adding a new embedding provider, the knowledge base creation page
did not show the new provider until restart.
Root cause: create_provider() did not update self.providers_config,
which is used by get_provider_config_list() to return provider lists.
This fix syncs the in-memory config after loading the new provider,
consistent with how reload() handles config updates.
Co-authored-by: ccsang <ccsang@users.noreply.github.com>
* Fix CreateSkillPayloadTool array schema missing items field
The payload parameter's anyOf array variant lacked an items field,
causing Gemini API to reject the tool declaration with 400 Bad Request:
'parameters.properties[payload].any_of[1].items: missing field.'
Add items: {type: object} to the array variant to satisfy the Gemini
API requirement for array type schemas.
Fixes#6279
* Fix TypeError when OpenAI-compatible API returns null choices
Some providers (e.g. OpenRouter) may return a completion where
choices is None rather than an empty list — for instance on rate
limiting, content filtering, or transient errors. The existing code
used len(completion.choices) which throws TypeError on None.
Replace all len(...choices) == 0 checks with 'not ... .choices' which
handles both None and empty list. Affects _query_stream, _parse_openai_completion,
and _extract_reasoning_content.
Fixes#6252
In _handle_api_error(), when a 429 rate-limit is encountered, the code
calls available_api_keys.remove(chosen_key). If the same key was already
removed in a previous retry iteration (e.g. the key rotated back to the
same value), this raises ValueError which crashes the entire LLM request
with an opaque error instead of a proper retry/fallback.
Add a membership check before calling remove() to prevent the crash.
Co-authored-by: easonysliu <easonysliu@tencent.com>
- Add audio data validation in MiniMax TTS get_audio() method to detect empty responses
- Validate generated audio file size in TTSProvider.test() to ensure valid output
- Provide detailed error messages guiding users to check group_id configuration
- Auto-cleanup test audio files after validation
- Fixes issue where 0KB audio files would pass TTS detection when group_id is not configured
* fix(provider): handle MiniMax ThinkingBlock when max_tokens reached
Fixes#5912
Problem: MiniMax API returns ThinkingBlock when stop_reason='max_tokens',
but AstrBot throws 'completion 无法解析' exception because both
completion_text and tools_call_args are empty.
Root cause: The validation logic didn't consider ThinkingBlock
(reasoning_content) as valid content.
Fix: When completion_text and tools_call_args are empty but
reasoning_content is present, treat it as valid instead of throwing
exception. This happens when the model thinks but runs out of tokens
before generating the actual response.
Impact: MiniMax models now work correctly when responses are truncated
due to max_tokens limit.
* refactor: address review feedback
1. Use getattr for safe stop_reason access (prevent AttributeError)
2. Use ValueError instead of generic Exception for better error handling
Thanks @gemini-code-assist and @sourcery-ai for the review!
* refactor: flatten nested if/else with guard clause
Address Gemini Code Assist feedback:
- Use guard clause for early return
- Flattened nested conditional for better readability
Logic unchanged, just cleaner code structure.
* fix(provider): improve logging for ThinkingBlock completions in ProviderAnthropic
---------
Co-authored-by: Soulter <905617992@qq.com>
* fix: resolve MCP tools race condition causing 'completion 无法解析' error
- Wait for MCP client initialization to complete before accepting requests
- Add Future-based synchronization in init_mcp_clients()
- Prevent tool_calls from being rejected due to empty func_list
- Improve error logging for MCP initialization failures
Fixes race condition where AI attempts to call MCP tools before they are
registered, resulting in 'API 返回的 completion 无法解析' exceptions.
The issue occurred because:
1. MCP clients were initialized asynchronously without waiting
2. System accepted user requests immediately after startup
3. AI received empty tool list and attempted to call non-existent tools
4. Tool matching failed, causing parsing errors
This fix ensures all MCP tools are loaded before the system processes
any requests that might use them.
* perf: add timeout and better error handling for MCP initialization
- Add 20-second total timeout to prevent slow MCP servers from blocking startup
- Show detailed configuration info when MCP initialization fails
- List all failed services in a summary warning
- Gracefully handle timeout by using already-completed services
This ensures that even if some MCP servers are slow or unreachable,
the system will start within a reasonable time and provide clear
feedback about which services failed and why.
* refactor: simplify MCP init orchestration and improve log security
- Replace Future-based sync with asyncio.wait + name→task mapping
- Explicitly cancel timed-out tasks after 20s timeout
- Downgrade sensitive config details (command/args/URL) to debug level
- Move urllib.parse import to top-level
* fix: prevent initialized MCP clients from being cleaned up on timeout
- Do not cancel pending tasks on timeout; let them continue running
in the background waiting for the termination signal (event.set()),
so successfully initialized services remain available
- Track initialization state with a flag to distinguish init failures
from post-init cancellations in _init_mcp_client_task_wrapper
* fix: restore task cancellation on timeout per review feedback
Pending tasks in asyncio.wait are tasks that have NOT completed
initialization within 20s, so cancelling them is safe and correct.
* fix: separate init signal from client lifetime in MCP task wrapper
The previous design awaited task completion, but tasks only finish
on shutdown (after event.wait()), causing asyncio.wait to always
hit the 20s timeout and cancel all clients.
Fix: introduce a dedicated ready_event that is set immediately after
_init_mcp_client completes. init_mcp_clients now waits only for
ready_event (with 20s timeout), while the long-lived client task
continues running in the background until shutdown_event is set.
This ensures startup returns promptly once clients are ready.
* security: redact sensitive MCP config from debug logs
Only log executable name and argument count instead of full
command/args to avoid leaking tokens or credentials even at
debug level.
* refactor: use McpClientInfo dataclass and MCP_INIT_TIMEOUT constant
- Extract MCP_INIT_TIMEOUT = 20.0 as a named module-level constant
- Replace tuple-based client_info with _McpClientInfo dataclass to
eliminate index-based access and improve readability
- Remove _wait_ready helper; use asyncio.create_task(event.wait()) directly
- Await cancelled tasks after timeout to prevent lingering background
tasks and unobserved exceptions
* fix: handle CancelledError and clean up wait_tasks on timeout
- Catch asyncio.CancelledError separately in _init_mcp_client_task_wrapper
so ready_event.set() is always called (Python 3.8+ CancelledError
inherits BaseException, not Exception)
- Cancel and await lingering wait_tasks after timeout to prevent
them from hanging indefinitely when ready_event is never set
* fix: align enable_mcp_server with new wrapper API and fix security/config issues
- Fix enable_mcp_server to pass shutdown_event + ready_event instead of
ready_future, matching _init_mcp_client_task_wrapper's current signature
- Cancel and await init_task on timeout; clean up mcp_client_event on failure
- Read MCP_INIT_TIMEOUT from env var ASTRBOT_MCP_INIT_TIMEOUT (default 20s)
so operators can tune it without code changes
- Strip userinfo from URL in debug log (use hostname+port only, not netloc)
to avoid leaking credentials embedded in URLs
* refactor: register mcp_client_event only after successful init in enable_mcp_server
Move self.mcp_client_event[name] assignment to after initialization
succeeds, so callers never observe a stale event for a failed client.
* fix: harden MCP init state handling and timeout parsing
* fix: improve MCP timeout and post-init error observability
* refactor: simplify MCP init lifecycle orchestration
* refactor: simplify MCP init flow and cap timeout values
* fix: refine mcp timeout handling and lifecycle task tracking
* fix: harden mcp shutdown and timeout source logging
* refactor: simplify mcp runtime registry and timeout flow
* fix: keep mcp init summary return contract
* refactor: streamline mcp lifecycle and init errors
* refactor: unify mcp lifecycle wait handling
* refactor: simplify mcp runtime ownership and timeout resolution
* fix: harden mcp shutdown waiting and startup signaling
* refactor: streamline mcp lifecycle and shutdown errors
* refactor: harden mcp runtime access and shutdown
* fix: ensure mcp client cleanup and clarify views
* refactor: cache mcp client view and guard startup
* refactor: simplify mcp init cleanup and runtime lock
* refactor: reduce mcp runtime duplication
* refactor: reuse mcp cleanup and client view
---------
Co-authored-by: idiotsj <idiotsj@users.noreply.github.com>
Co-authored-by: 邹永赫 <1259085392@qq.com>
* fix(dashboard): 强化 API Key 复制临时节点清理逻辑
* fix(embedding): 自动检测改为探测 OpenAI embedding 最大可用维度
* fix: normalize openai embedding base url and add hint key
* i18n: add embedding_api_base hint translations
* i18n: localize provider embedding/proxy metadata hints
* fix: show provider-specific embedding API Base URL hint as field subtitle
* fix(embedding): cap OpenAI detect_dim probes with early short-circuit
* fix(dashboard): return generic error on provider adapter import failure
* 回退检测逻辑
* feat: add Anthropic Claude Code OAuth provider and adaptive thinking support
* fix: add defensive guard for metadata overrides and align budget condition with docs
* refactor: adopt sourcery-ai suggestions for OAuth provider
- Use use_api_key=False in OAuth subclass to avoid redundant
API-key client construction before replacing with auth_token client
- Generalize metadata override helper to merge all dict keys
instead of only handling 'limit', improving extensibility
* ci: remove Electron desktop build from release pipeline
* chore: remove electron desktop and switch to tauri release trigger
* ci: remove desktop workflow dispatch trigger
* refactor: migrate data paths to astrbot_path helpers
* fix: point desktop update prompt to AstrBot-desktop releases